Folks:
When checking the security of my system, I found that it is vulnerable
to the following standard attack (in tcsh syntax):
env RESOLV_HOST_CONF=/etc/shadow /usr/sbin/traceroute foobar
or env RESOLV_HOST_CONF=/etc/shadow fping foobar
This allows the user to read any (text) file on the system.

I have a Debian diff including a patch for this, someone simply needs
to compile and upload it. All that needs to be done is fix the
debian/changelog (by that I mean the -- line, I give permission to
use the -2 revision to whomever uploads this) and dpkg-buildpackage.